Close this search box.

The 5 Incidents that Defined Cybersecurity in 2021


As the COVID-19 pandemic and work from home patterns continued in fits and burst, 2021 was yet another year in which cybersecurity incidents became mainstream news and captivated worldwide attention. Here were some of the incidents that we covered and which mattered most in the Australian context.

Colonial Pipeline

The temporary shutdown of the largest petroleum pipeline in the US has brought part of the United States to a standstill.

The Colonial Pipeline supplies to over 10 states with gas, jet fuel, diesel and heating oil among its core transports. It extends over 8,850 kilometers between Texas and New York.

The Colonial Pipeline incident sent shivers down the global spine and created fuel shortages and mass runs at petrol bowsers as the country’s lifeblood came to a temporary halt.

The company claimed it feared massive damage to fuel transportation systems and therefore decided to pay the US$4.4 million ransom to retrieve its encrypted data.

By day 11 it was noted that 87% of petrol bowers in Washington, D.C were empty. President Joe Biden even proclaimed a state of emergency – over a cyber-attack.


The world’s largest meat processing company was struck by a ransomware attack impairing some of its servers supporting North American and Australian IT systems.

Being the second largest provider in the US and largest in Australia, it disruption brought US production down to 22% on the previous year’s corresponding time.

Experts said that companies like JBS make a lucrative target for cyber criminals given their vital role in the food chain – pushing pay-outs to high amounts.

In Australia, operations were halted at JBS meat plants, and the company paid a $14.2 million ransom, claiming “we felt this decision had to be made to prevent any potential risk for our customers”.

Florida’s Water Supply

A cautionary warning for utilities and governance agencies – cyber criminals managed to infiltrate Florida’s water treatment facility in an unsuccessful attempt to increase sodium hydroxide dosage in the water supply to dangerous proportions (and then extort the utility to their end afterwards).

It was clear that the use of outdated software was a principal vector of this attack.

Many small public utilities suffer from aging infrastructure with IT departments tending to be under-resourced, lacking budget and expertise to upgrade security postures and address vulnerabilities in a timely fashion.

Besides running an out-of-date 32-bit version of the Windows 7 operating system, it was noted that the machines also shared the same password for remote access and are said to have been exposed directly to the Internet without any firewall protection installed.

The breach hit home just how ubiquitous cyber attacks are in modern times.

Channel 9

Being at the center of possibly the largest cyber-attack on a media company in Australia’s history, the incident brought the production systems of the network to a grinding 24-hour halt.

The incident correlated with another suspected attack on Australia’s parliament in Canberra.

It was reported that earlier broadcasts from Sydney were cancelled through the morning and swapped with pre-recorded or interstate content, which is unheard of in recent times.


A crack in a cybersecurity company: one of the most frontiers in online security is when those looking after our security are themselves compromised.

Kaseya is a cybersecurity company offering automation software and remote management software. In this incident, 800 stores were unable to open in Sweden because their cash registers weren’t working. Among the affected were the Swedish State Railways and a major local pharmacy chain.

A supply chain attack by the notorious REvil ransomware gang locked up the systems of hundreds of organisations in one fell swoop after a malicious update was pushed out to customers of Kaseya.

The zero-day vulnerability used to breach on-premises Kaseya VSA servers was in the process of being fixed, just as the REvil ransomware gang used it to perform a massive attack.

The vulnerability was disclosed to Kaseya by security researchers from the Dutch Institute for Vulnerability Disclosure (DIVD), and Kaseya was validating the patch before rolling it out to customers.

Nonetheless, it was too little too late as threat actors undertook one of the defining attacks of 2021.

Ahmed Khanji

Ahmed Khanji

Ahmed Khanji is the CEO of Gridware, a leading cybersecurity consultancy based in Sydney, Australia. An emerging thought leader in cybersecurity, Ahmed is an Adjunct Professor at Western Sydney University and regularly contributes to cybersecurity conversations in Australia. As well as his extensive background as a security advisor to large Australian Enterprises, he is a regular keynote speaker and guest lecturer on offensive cybersecurity topics and blockchain.


Sydney Offices
Level 12, Suite 6
189 Kent Street
Sydney NSW 2000
1300 211 235

Melbourne Offices
Level 13, 114 William Street
Melbourne, VIC 3000
1300 211 235

Perth Offices
Level 32, 152 St Georges Terrace
Perth WA 6000
1300 211 235


Learn more about the team at the forefront of the Australian Cyber Security scene.

About Us →

Meet the Team →

Partnerships →

Learn more about the team at the forefront of the Australian Cyber Security scene.

Career Opportunities →

Internships →

Media appearances and contributions by Gridware and our staff.

See More →



Whether you need us to take care of security for you, respond to incidents, or provide consulting advice, we help you stay protected.

View all services →

Web App Pen. Test Calculator →

Network Pen. Test Calculator →

Governance & Audit

Legal and regulatory protection

Penetration Testing

Uncover system vulnerabilities

Remote Working & Phishing

Fortify your defenses

Cyber Security Strategy

Adaptation to evolving threats

Cloud & Infrastructure

Secure cloud computing solutions

Gridware 360

End-to-end security suite

Gridware Managed Services

Comprehensive & proactive security

Gridware CloudControl

Harness the benefits of cloud technology

Gridware Incident Response 24/7

Swift, expert-led incident resolution



A collection of our published insights, whitepapers, customer success stories and more.

Customer success stories from real Gridware customers. Find out how we have helped others stay on top of their Cyber Security.

Read More →